1 # Licensed under the Apache License, Version 2.0 (the "License");
2 # you may not use this file except in compliance with the License.
3 # You may obtain a copy of the License at
5 # http://www.apache.org/licenses/LICENSE-2.0
7 # Unless required by applicable law or agreed to in writing, software
8 # distributed under the License is distributed on an "AS IS" BASIS,
9 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
11 # See the License for the specific language governing permissions and
12 # limitations under the License.
15 # tools.secureheaders.on = True
16 tools.sessions.on = True
17 # increase security on sessions
18 tools.sessions.secure = True
19 tools.sessions.httponly = True
20 tools.encode.on: True,
21 tools.encode.encoding: 'utf-8'
22 tools.response_headers.on = True
24 # tools.auth_basic.on: True,
25 # tools.auth_basic.realm: 'localhost',
26 # tools.auth_basic.checkpassword: get_tokens
30 tools.staticdir.on: True
31 tools.staticdir.dir: "/app/NBI/osm_nbi/html_public"
35 server.socket_host: "0.0.0.0"
36 server.socket_port: 9999
38 server.ssl_module: "builtin"
39 server.ssl_certificate: "./http/cert.pem"
40 server.ssl_private_key: "./http/privkey.pem"
41 server.ssl_pass_phrase: "osm4u"
42 server.thread_pool: 10
44 # Uncomment for allow basic authentication apart from bearer
45 # auth.allow_basic_authentication: True
47 # comment or set to False to disable /test URL
48 server.enable_test: True
55 #log.file: /var/log/osm/nbi.log
59 driver: "mongo" # mongo or memory
60 host: "mongo" # hostname or IP
63 # replicaset: "replicaset"
65 # password: "password"
66 # commonkey: "commonkey"
69 host: "prometheus" #hostname or IP
73 #logfile: /var/log/osm/nbi-database.log
76 driver: "local" # local filesystem
77 # for local provide file path
78 path: "/app/storage" #"/home/atierno/OSM/osm/NBI/local/storage"
81 #logfile: /var/log/osm/nbi-storage.log
84 driver: "kafka" # local or kafka
85 # for local provide file path
86 path: "/app/storage/kafka"
91 #logfile: /var/log/osm/nbi-message.log
92 group_id: "nbi-server"
95 backend: "keystone" # internal or keystone or tacacs
96 # for keystone backend a comma separated list of user adn project _domain_name list can ba provided.
97 # NBI will try authenticate with all of then if domain is not provided in the content of a POST token
98 # user_domain_name: "default,ldap"
99 # project_domain_name: "default,ldap"
101 # Keystone config parameters are
102 # auth_url: format https://<ip>:<port>/v3 # v3 is necessary
103 # auth_host: ip address of keystone host.
104 # auth_port: port number of keystone.
105 # Provide either auth_url or (auth_host and auth_port)
106 # service_username: "nbi"
107 # service_password: "nbi"
109 # Only for test. It works without authorization using the provided user and project:
110 # user_not_authorized: "admin"
111 # project_not_authorized: "admin"
113 # TACACS configuration
116 # tacacs_port: 49 # Default value
117 # tacacs_timeout: 10 # Default value
119 # Password expiry configuration
120 # pwd_expiry_check: True # Uncomment to enable the password expiry check
121 # days: 30 # Default value
124 # roles_to_operations: "roles_to_operations.yml" # initial role generation when database